Adding Vagrant setup for deploying security-ansible

This commit adds an initial Vagrant setup that will run the security ansible tests in check mode against a clean Ubuntu Trusty 64 image. Change-Id: If5499dd111c66b9888d3fbc0772c568ef08954f5 Co-Authored-By: Rob Clark <robert.clark@hpe.com> Co-Authored-By: Eric Brown <browne@vmware.com>
2016-01-13 08:44:40 -06:00 · 2016-01-13 08:44:40 -06:00 · ac1093f98d
parent 14d241915e
commit ac1093f98d
3 changed files with 44 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -28,6 +28,15 @@ Using the role is fairly straightforward:
      roles:
         - openstack-ansible-security

+Running with Vagrant
+--------------------
+
+Security Ansible can be easily run for testing using Vagrant.
+
+To do so run:
+    `vagrant destroy` To destroy any previously created Vagrant setup
+    `vagrant up` Spin up Ubuntu Trusty VM and run ansible-security against it
+
 License
 -------

--- a/16
+++ b/16
@ -0,0 +1,16 @@
+# Sets up Ubuntu 14.04, downloads security-ansible, and runs it
+
+Vagrant.configure("2") do |config|
+  config.vm.box = "ubuntu/trusty64"
+  config.vm.hostname = "sec-ansible-test"
+
+  config.vm.provision "ansible" do |ansible|
+    # ansible.verbose = "vvv"
+    ansible.playbook = "tests/vagrant.yml"
+    # we'll skip V-38496 because Vagrant itself creates the user that causes
+    # this to fail
+    ansible.skip_tags = ['V-38496']
+    # we need to run as sudo for a lot of the checks ansible-security runs
+    ansible.raw_arguments = ['-s']
+  end
+end
--- a/tests/vagrant.yml
+++ b/tests/vagrant.yml
@ -0,0 +1,19 @@
+---
+# Copyright 2016, HPE, VMWare
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Playbook for role testing
+  hosts: all
+  roles:
+    - role: "../../../openstack-ansible-security"